Blogs

Showing Blog Posts: 81–90 of 101 tagged Data Breach

  • Nine Days from Sony Security Breach to Class Action Lawsuit

    by Stephen Wu on May 9, 2011

    On April 27, 2011, lawyers in California filed a class action complaint against Sony for failing to protect sensitive information of consumers using the PlayStation® game console and Playstation® Network. The complaint arises from events surrounding a security breach at Sony compromising users’ data. In fact, the complaint claims that the Sony breach may result in “the greatest potential for credit…

  • Network Security Auditing

    by Ben Rothke on April 27, 2011

    The subtitle of Network Security Auditing is the complete guide to auditing security, measuring risk, and promoting compliance. The book does in fact live up to that and is a comprehensive reference to all things network security audit related. In 12 chapters at almost 450 pages, the book covers all of the key areas around network security that is of relevance to those working in information…

  • Are Consumers Legally Damaged When a Free Service Fails to Protect Their Personal Information?

    by Stephen Wu on April 17, 2011

    When consumers use a paid Internet service, and the service fails to protect their personally identifiable information (“PII”), the consumers can claim that they sustained a concrete injury. They arguably paid something for the service, and did not receive the full benefit of what they expected, namely a service that protects their PII, especially when the service’s privacy policy says that it…

  • Ruling that Data Breach Victims Had Standing to Pursue Claims

    by Stephen Wu on December 23, 2010

    On December 14, 2010, the U.S. Court of Appeals for the Ninth Circuit ruled that victims of a data breach had standing to sue in federal court under Article III of the Constitution for negligence and breach of implied contract. The court's ruling appears in Krottner v. Starbucks Corp., No. 09-35823, 2010 WL 5141255 (9th Cir. Dec. 14, 2010). Despite the ruling for plaintiffs on standing, the…

  • Governor Schwarzenegger Vetoes Proposed A.G. Reporting Requirement for Data Breaches – Again

    by Stephen Wu on November 12, 2010

    Sometimes the third time’s a charm, but in the case of S.B. 1166, a bill intended to strengthen California’s data breach notification law, the third time ended up like the preceding two – in a veto by Governor Arnold Schwarzenegger. I wrote in aMay blog post about Sen. Joseph Simitian, the author of California’s S.B. 1386, introducing legislation for the third time to augment S.B. 1386. S.B. 1386…

  • Appeals Court Stops Yet Another Risk of Identity Theft Case

    by Stephen Wu on July 22, 2010

    Recently, the United States Court of Appeals for the Ninth Circuit rejected the claims of a job candidate whose social security number was compromised following the theft of a laptop of the potential employer. The court ruled that the named plaintiff in this putative class action failed to adduce any evidence of appreciable and actual damages. The court issued its unpublished opinion in this…

  • New Mississippi Breach Notification Law

    by Stephen Wu on May 15, 2010

    On April 7, 2010, Mississippi became the 46th state in the U.S. to enact breach notification legislation when the governor signed H.B. 583. The Mississippi House passed the legislation in January, and the Mississippi Senate amended and passed a version of H.B. 583 in March. The legislation covers businesses holding the personal information of Mississippi residents. For a copy of Mississippi H.B. …

  • California Information Security Legislative Update

    by Stephen Wu on May 5, 2010

    Last year, California addressed the disposal of personal information by enacting AB 1094, which provides a safe harbor for storage companies or landlords when they end up with others’ records containing personal information. Governor Schwarzenegger, however, vetoed legislation, SB 20, to enhance the state’sbreach notification law to require notification to the California AttorneyGeneral, in…

  • North Carolina's Amendment to its Breach Notification Law

    by Stephen Wu on April 17, 2010

    Although almost all the states have some form of breach notification law, the legislative process regarding breach notification has not reached an end. Some states are changing their breach notification laws in an effort to enhance their protections. Last July, North Carolina enacted S.B. 1017, which amends the state’s breach notification law. N.C. Gen. Stat. § 75-65. Click here for a copy of S.B. …

  • Missouri's Breach Notification Law

    by Stephen Wu on April 13, 2010

    Missouri became the 45th state to enact a breach notification law. Mo. Rev. Stat. §§ 407.1500.1-407.1500.4. Missouri’s governor signed the enabling legislation, H.B. 62, into law last July. It went into effect last August 28. For a copy of H.B. 62, click here. H.B. 62 covers “personal information” consisting of a name in combination with a driver’s license number, Social Security number, or…

This document was retrieved from http://www.rsaconference.com/blogs on Tue, 02 Sep 2014 02:52:40 -0400.
© 2014 EMC Corporation. All rights reserved.